
I use OVH to host a VPS in which my services run. I chose the latest Ubuntu 20.04 release for my VPS OS image, ran `apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y && reboot`, and then ran `nmap -sV --script vulners <IP>` to only see this:

```
22/tcp    open  ssh      OpenSSH 8.3p1 Ubuntu 1ubuntu0.1 (Ubuntu Linux; protocol 2.0)
| vulners: 
|   cpe:/a:openbsd:openssh:8.3p1: 
|       EDB-ID:21018    10.0    https://vulners.com/exploitdb/EDB-ID:21018  *EXPLOIT*
|       CVE-2001-0554   10.0    https://vulners.com/cve/CVE-2001-0554
|       CVE-2020-15778  6.8     https://vulners.com/cve/CVE-2020-15778
|       CVE-2021-28041  4.6     https://vulners.com/cve/CVE-2021-28041
|       MSF:ILITIES/OPENBSD-OPENSSH-CVE-2020-14145/     4.3     https://vulners.com/metasploit/MSF:ILITIES/OPENBSD-OPENSSH-CVE-2020-14145/   *EXPLOIT*
|       MSF:ILITIES/HUAWEI-EULEROS-2_0_SP9-CVE-2020-14145/      4.3     https://vulners.com/metasploit/MSF:ILITIES/HUAWEI-EULEROS-2_0_SP9-CVE-2020-14145/*EXPLOIT*
|       MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2020-14145/      4.3     https://vulners.com/metasploit/MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2020-14145/*EXPLOIT*
|       MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2020-14145/      4.3     https://vulners.com/metasploit/MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2020-14145/*EXPLOIT*
|       MSF:ILITIES/F5-BIG-IP-CVE-2020-14145/   4.3     https://vulners.com/metasploit/MSF:ILITIES/F5-BIG-IP-CVE-2020-14145/ *EXPLOIT*
|       CVE-2020-14145  4.3     https://vulners.com/cve/CVE-2020-14145
```

and so on... From here, I disabled u/p authentication and changed it to RSA authentication, which seems like snake oil to me because most of these exploits seem way beyond the method of authentication. Anyway, I then thought I could use ufw as a basic whitelist for IPv4/IPv6 connections via SSH, but this seems so overkill... I Googled whether I could upgrade my SSH, but it seems it is built into the 20.04 image and the OS needs upgrading, but OVH does not offer this...

What is the correct way to secure from these underlying issues? Reinstalling the VPS with new OS images seems like a long "down-time" way of providing patches and security maintenance. Any advice on how I can secure this SSH issue?

My VPS can be located here: https://www.ovhcloud.com/en-gb/vps/

Jaquarh
  • Tried to have a look at the website, turns out they don't even support TLS 1.2. This makes me sceptical about their general attitude re: security. I would question if OVH is the right choice if you are security-conscious. – emk2203 May 23 '21 at 08:40
  • Apologies, the URL is https://www.ovh.co.uk/ not .net - I did not confirm the URL on posting this thread - I'll update the question to fix broken link @emk2203 – Jaquarh May 23 '21 at 08:42
  • For several of these, it seems upstream OpenSSH has no intention of changing the behaviour, so it seems there is nothing to be done as they're not really "underlying issues" – muru May 23 '21 at 10:31
  • I'm not sure I follow. Are you saying the nmap scan is showing incorrect details and that, for example, this returned CVE does not affect my version, as the OpenBSD version is 2.4 and mine is 8.3? Thanks for the link @muru – Jaquarh May 23 '21 at 11:03
  • I think it's just spewing some CVE numbers based on the version string without actually verifying that they're a problem. – muru May 23 '21 at 12:48
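
The point raised in the comments, that the listing is keyed to the version string (the `cpe:` line) rather than to a verified flaw, shows up when the rows are parsed. The following is an added example, not part of the original thread: it parses vulners rows copied from the question and collapses them to distinct issue IDs; the names `parse_vulners` and `distinct_issues` are illustrative.

```python
import re

# Added example; names are illustrative. Rows copied from the question's scan output (subset).
SCAN = """\
|   cpe:/a:openbsd:openssh:8.3p1: 
|       EDB-ID:21018    10.0    https://vulners.com/exploitdb/EDB-ID:21018  *EXPLOIT*
|       CVE-2001-0554   10.0    https://vulners.com/cve/CVE-2001-0554
|       CVE-2020-15778  6.8     https://vulners.com/cve/CVE-2020-15778
|       CVE-2021-28041  4.6     https://vulners.com/cve/CVE-2021-28041
|       MSF:ILITIES/OPENBSD-OPENSSH-CVE-2020-14145/     4.3     https://vulners.com/metasploit/MSF:ILITIES/OPENBSD-OPENSSH-CVE-2020-14145/   *EXPLOIT*
|       MSF:ILITIES/HUAWEI-EULEROS-2_0_SP9-CVE-2020-14145/      4.3     https://vulners.com/metasploit/MSF:ILITIES/HUAWEI-EULEROS-2_0_SP9-CVE-2020-14145/*EXPLOIT*
|       MSF:ILITIES/F5-BIG-IP-CVE-2020-14145/   4.3     https://vulners.com/metasploit/MSF:ILITIES/F5-BIG-IP-CVE-2020-14145/ *EXPLOIT*
|       CVE-2020-14145  4.3     https://vulners.com/cve/CVE-2020-14145
"""

CPE_RE = re.compile(r"^\|\s+(cpe:\S+?):\s*$")
ROW_RE = re.compile(r"^\|\s+(\S+)\s+(\d+(?:\.\d+)?)\s+(\S+?)\s*(\*EXPLOIT\*)?\s*$")
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")

def parse_vulners(text):
    """Return (cpe, id, score, url, exploit_flag) for every finding row."""
    rows, cpe = [], None
    for line in text.splitlines():
        if m := CPE_RE.match(line):
            cpe = m.group(1)          # the version string every row below was matched on
        elif m := ROW_RE.match(line):
            rows.append((cpe, m.group(1), float(m.group(2)), m.group(3), bool(m.group(4))))
    return rows

def distinct_issues(rows):
    """Collapse rows that reference the same CVE; keep row count and top score."""
    issues = {}
    for _cpe, ident, score, _url, exploit in rows:
        m = CVE_RE.search(ident)
        key = m.group(0) if m else ident      # non-CVE ids (e.g. EDB) stay as-is
        cur = issues.setdefault(key, {"rows": 0, "max_score": 0.0, "exploit_ref": False})
        cur["rows"] += 1
        cur["max_score"] = max(cur["max_score"], score)
        cur["exploit_ref"] = cur["exploit_ref"] or exploit
    return issues

if __name__ == "__main__":
    rows = parse_vulners(SCAN)
    print("matched on:", rows[0][0], "-", len(rows), "rows")
    for key, info in distinct_issues(rows).items():
        print(f"{key:16} rows={info['rows']} max={info['max_score']} exploit_ref={info['exploit_ref']}")
```

Each distinct ID can then be checked against the installed package rather than the upstream version string, for example with `apt changelog openssh-server`, since Ubuntu backports security fixes without changing the upstream version number.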
